How to Securely Share Passwords with Clients
Password security is major concern for businesses of all types – SEO agencies and their clients not the least of them.
But it seems barely a week goes by without some new data breach hitting the news. And if this can happen to massive corporations like Marriott, Facebook and Adobe, all of whom undoubtedly have teams of information security experts on staff, how can a small business ever hope to protect itself?
It all starts with one simple thing: a password.
In SEO, where both you and your clients need access to their website, sharing passwords can sometimes be a risky undertaking, particularly when you consider that stolen passwords and credentials have been responsible for nearly 80% of data breaches.
In this piece we’ll look at the various ways you can protect your clients and yourself from malicious actors, while still sharing passwords.
How You SHOULDN’T Share Passwords
Before we dive into the different secure solutions for password sharing, let’s first cover some of the risky ways people do it:
- Text message – SMS messages have no security. That means any data or information you share via them is readable by anyone who intercepts it.
- Email – Like texts, emails are vulnerable to interception or collection by hackers. Often, if they can access an organization’s web server, they can see everything that has ever been sent or received.
- Online documents – Google Docs, Apple Notes and other online text applications are extremely useful for many things. Password sharing is not one of them. While some docs can be password-protected, they often don’t offer strong security measures.
- Online messengers – Slack, Teams, WhatsApp and the like are ubiquitous in the modern workplace, but they’re a goldmine for cyber criminals because people tend to leave them open and running, even in public settings where they may be unattended.
- Physical documents – The old “post-it note under the keyboard” trick isn’t a secure way to store or share passwords. But you knew that.
- Verbally – Even if you’re in a secure setting, sharing a password by voice has its drawbacks, namely in that to be memorized by someone else, it’s unlikely to be as strong as it should be.
Okay, now that that’s out of the way, let’s dive into the safest ways to share passwords with your team and clients.
How to Safely Share Passwords
Sharing passwords is a necessity in some situations (like performing SEO for a client), but it’s inherently riskier than single-user passwords. Part of the reason for this is shared passwords are often difficult to use with multifactor authentication (MFA).
However, solutions do exist.
Password Managers
A digital password manager is the easiest and most reliable way to share passwords. This digital tool securely stores passwords and lets you share them whenever necessary.
They allow you to choose access-levels, from read-only to ownership and these can be specified for each client and/or team members. Should the client leave, they also make it easy to revoke access.
There are numerous options to choose from available, including Norton, Bitwarden and LastPass, each of which has its own strengths and weaknesses.
Online Project Management Tools
If you’re already using PM tools to keep track of projects and tasks, it makes sense to see if your platform has built-in password functionality. These programs store data privately and use encrypted file-sharing features for security.
In addition to allowing you to set user permissions, this can also be a great way to keep clients up to date on what’s happening on their projects. Of course, that’s not something everyone will want.
Apple Password Sharing
One of the reasons Macs and iPhones remain popular is their many innovative features – including password sharing. If both you and your client are using Apple devices, you can securely share passwords via AirDrop.
What to Do If There’s a Password Breach
If you suspect any account has been compromised, it’s important to remediate it as soon as possible. If you have an IT team, contact them immediately. Then contact the client to notify them of the issue.
Once everyone is aware of the situation, you should passwords as soon as possible. Next, trace access via server logs to identify and block access to potentially compromised systems. Once this is done, you can assess and repair any damage.
Of course, it’s much easier just to prevent beaches before they happen by using one of the password-sharing techniques discussed here. These may take a little effort and investment to securely share a password, but it’s nothing compared to the chaos a hacker can cause.
SEO You Can Trust
Security is just one small piece of the search engine optimization pie. Evisio makes the entire SEO process more manageable.
With regular automated site scans, it tells you exactly what you need to do to improve your search ranking and secure any website – without the need for deep technical knowledge. Even better, it automates reporting, so you can quickly and easily track and show the results of your hard work.
See it for yourself. Contact us for your free, no-obligation trial.